﻿/// ****************************************************************************
/// Author:	        Robin Zhu
/// Create Date:	2015-2-27
/// Purpose: 		扩展System.Web.Mvc.AuthorizeAttribute使其可以使用验证中心设置的权限
/// ****************************************************************************
/// Modify By		Date			Remark
/// Robin           2015-2-28       避免因为User为空而出错
/// ****************************************************************************
/// 
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Web.Mvc;
using System.Web;
using System.Runtime.Caching;
using RB.Web.Security;

namespace RB.Web.Mvc
{
    public class VarAuthorizeAttribute : AuthorizeAttribute
    {
        private object _locker = new object();
        private bool _rolesInitialized = false;

        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            lock(_locker)
            {
                if (!_rolesInitialized)
                {
                    var context = filterContext.HttpContext;
                    var request = context.Request;
                    if (request != null)
                    {
                        string url = request.Url.AbsolutePath;
                        int actionIndex = url.LastIndexOf("/" + filterContext.ActionDescriptor.ActionName);
                        if (actionIndex > 0)
                        {
                            actionIndex += filterContext.ActionDescriptor.ActionName.Length + 1;
                            if (actionIndex < url.Length)
                            {
                                url = url.Remove(actionIndex);
                            }
                        }
                        this.Roles = VarAuthorization.GetRoles(url);
                    }
                    _rolesInitialized = true;
                }
            }
            
            base.OnAuthorization(filterContext);
        }

        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (httpContext != null && httpContext.User != null)
            {
                // 避免标准验证时出错，因User为空而报错

                bool result = base.AuthorizeCore(httpContext);

                if (result)
                {
                    var identity = VarAuthentication.CurrentIdentity;
                    string ipString = httpContext.Request.UserHostAddress;
                    string httpForwarded = httpContext.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];

                    UserActionLog actionLog = new UserActionLog()
                    {
                        AppCode = VarAuthorization.AppCode,
                        Ticket = identity.Ticket,
                        UserId = identity.UserId,
                        PathAndQuery = httpContext.Request.RawUrl,
                        IPAddress = ipString,
                        HttpForwarded = httpForwarded,
                        ActionTime = DateTime.Now
                    };
                    AuthorizationLogSaver.Save(actionLog);
                }

                return result;
            }
            return false;
        }
    }
}
